Log & Monitor Scripts with Suspicious Activity, Module Scaffolding with PSStucco

Jul 07, 2025

Hello, fellow PowerShell Engineers! We have yet another great week of PowerShell content for you.

PowerShell Tip: Colored Status Messages

It’s really easy to create professional-looking status messages with colors and emojis to make your scripts more user-friendly and easier to read.

Make a Write-Status Function

function Write-Status {
    param(
        [string]$Message,
        [ValidateSet("Info", "Success", "Warning", "Error")]
        [string]$Type = "Info"
    )
    
    switch ($Type) {
        "Info"    { Write-Host "ℹ️  $Message" -ForegroundColor Cyan }
        "Success" { Write-Host "✅ $Message" -ForegroundColor Green }
        "Warning" { Write-Host "⚠️  $Message" -ForegroundColor Yellow }
        "Error"   { Write-Host "❌ $Message" -ForegroundColor Red }
    }
}

Usage Examples

# Basic usage
Write-Status "Starting backup process..." -Type Info
Write-Status "Backup completed successfully!" -Type Success
Write-Status "Low disk space detected" -Type Warning
Write-Status "Connection to server failed" -Type Error

# In a real script
Write-Status "Checking prerequisites..." -Type Info
if (Test-Path "C:\temp") {
    Write-Status "Temp directory found" -Type Success
} else {
    Write-Status "Temp directory missing" -Type Warning
    New-Item -Path "C:\temp" -ItemType Directory
}

Write-Status "Script execution complete" -Type Success

Output Example

When you run the above code, you'll see:

Blue "ℹ️" for Info messages
Green "✅" for Success messages
Yellow "⚠️" for Warning messages
Red "❌" for Error messages

This simple function transforms plain text output into colorful, easy-to-scan status updates that make your PowerShell scripts look professional and help users quickly understand what's happening.

PowerShell Videos

Adam Driscoll, of Ironman Software, goes over how to make a simple PowerShell repository with Sleet at PSConfEU.

PowerShell Wednesdays with Andrew Pla - Greg Martin was on to talk about source control with Git. A very good session.

…not a PowerShell video, but I did put together a new video how to program in Python from a somewhat PowerShell perspective.

PowerShell Community News & Projects

🛡️ How to log and monitor PowerShell activity for suspicious scripts and commands

Susan Bradley has a great article on how organizations can protect themselves from PowerShell-based attacks by implementing various logging and monitoring strategies for Windows workstations. The article emphasizes adjusting attack surface reduction rules, enabling PowerShell command logging via Group Policy or Intune, and leveraging Microsoft Defender for Cloud and Endpoint for suspicious activity detection.

🏗️ PowerShell Module Scaffolding with PSStucco

Jake Hildreth has an interesting article on using PSStucco for scaffolding new PowerShell modules, serving as an updated guide to Gilbert Sanchez's original article about the now-unmaintained Stucco. The article details the process of installing PSStucco, setting up a GitHub repository, creating modules, running tests, committing code, and publishing to the PowerShell Gallery, highlighting differences and providing updated steps for PSStucco and VSCode integration.

☁️ Azure Arc: Uninstall the Connected Machine agent and clean up related resources on Windows using a PowerShell script

Wim Matthyssen has a great article on how to thoroughly uninstall the Azure Arc Connected Machine agent from a Windows machine using a PowerShell script, as a manual uninstall often leaves behind folders, files, and registry keys. The script automates the removal of related processes, services, folders (excluding Defender for Servers), the Dependency Agent, and leftover registry keys, ensuring a complete cleanup.

New SQLite module for PowerShell

Gael Colas has an interesting article on synedgy.PSSQlite, a new PowerShell module that simplifies SQLite database operations. This module allows users to perform common database tasks (CRUD) without writing SQL, by leveraging a YAML configuration file for schema definition.

PowerShell.News

Discussion about this post